1. Field of the Invention
The present invention relates to a method for embedding data control information for controlling the permission or prohibition to copy recorded data in order to prevent data whose copyright should be protected (e.g., an audio software, a graphic software, or the like) from being copied or processed (i.e., manipulated), and a device for realizing the method; a method for detecting such data control information, and a device for realizing the method; and a data control method in which the method for embedding data control information and the method for detecting data control information are combined.
2. Description of the Related Art
As a method for embedding copy control information in an image, or as a method for detecting copy control information, a method referred to as Patchwork is known. This method is described in xe2x80x9cData hiding techniques for supporting water mark (I)xe2x80x9d, Nikkei Electronics, No. 683, pp. 149-162, published in Feb. 24, 1997 (this is a translation of xe2x80x9cTechniques for data hidingxe2x80x9d by W. Bender, D. Gruhl, N. Morimoto, and A. Lu, IBM Systems Journal, Vol 35, NOS 3 and 4, 1996). Hereinafter, a conventional method for embedding copy control information and a conventional method for detecting such a copy control information will be described.
As the conventional method for embedding copy control information, a process for embedding a copy permission/prohibition bit (one bit) in an image will be described hereinafter. When copying is permitted, the copy permission/prohibition bit is set to be 1. When copying is prohibited, the copy permission/prohibition bit is set to be 0. Two points (i.e., Ai and Bi) are selected from the image by means of pseudo random numbers. Next, when a bit to be embedded is 1, the brightness level of Ai, i.e., Yai, is raised by an amount d, and the brightness level of Bi, i.e., Ybi, is lowered by the amount d. Conversely, when a bit to be embedded is 0, the brightness level of Ai is lowered by the amount d, and the brightness level of Bi is raised by the amount d. The value of d is an integer from 1 to 5. Such processing is repeated n times (n is generally about 10,000).
Next, the conventional method for detecting copy control information will be described. First, brightness levels (i.e. pixel information) at the same two points as those selected at the time of embedding information (i.e., (Yai+d, Ybixe2x88x92d) or (Yaixe2x88x92d, Ybi+d)) are extracted from the image by pseudo random numbers. Next, the difference between these two points is calculated. These processing steps are repeated n times, and a mean value of the thus-obtained differences is calculated. If the mean value is equal to or greater than d, the embedded bit is considered to be 1, and if the mean value is equal to or less than xe2x88x92d, the embedded bit is considered to be 0. If the mean value is between xe2x88x92d and d, it is considered that no information is embedded.
Herein, the expected value of (Yaixe2x88x92Ybi) is estimated to be 0. The expected value of (Yai+d)xe2x88x92(Ybixe2x88x92d) is 2d, and the expected value of (Yaixe2x88x92d)xe2x88x92(Ybi+d) is xe2x88x922d. Accordingly, determination is performed assuming that the threshold values of displacement from the mean value of 0 are d and xe2x88x92d. In order to perform more accurate determination, copy control information can be detected by finding the statistical distribution of such differences, and measuring the displacement of its variance from the estimated value.
As described above, according to the conventional method for embedding copy control information and the conventional method for detecting copy control information, it is possible to embed and detect a one-bit copy permission/prohibition flag. According to another method, a constant level d is not added or subtracted in the selected pixels. Rather, information is embedded as follows. The level of embedding is changed for each of the pixels in accordance with the characteristics of its image, and such a level is respectively added to, or subtracted from, the brightness of each of the pixels so that the mean of such calculations becomes level d. As a result, it is possible to suppress the deterioration of the image after embedding the information and to make it more difficult to conduct tampering.
Therefore, the method for embedding copy control information and the method for detecting the copy control information are required not only to indicate the permission or prohibition to copy but also to control the number of allowed copies (e.g., to control the number of copies so as to limit the number of copies made to N). In order to control the number of copies, it is necessary to rewrite copy control information upon copying. For example, in the case of a software whose copying is permitted only once, the copy control information indicating that copying is permitted once is embedded in the software. Upon copying the software, the copy control information must be replaced by new copy control information indicating copying is prohibited.
In order to realize such rewriting of copy control information by the conventional method for embedding copy control information and the conventional method for detecting the copy control information, both of these methods must be executed when a user makes a copy. Since the conventional method for embedding copy control information is hard to process as compared to the method for detecting the copy control information, its realization by a user leads to an increase in cost. In addition, since the method for embedding copy control information is disclosed to the user, there exists a possibility that tempering can be carried out rather easily.
According to one aspect of this invention, a data control method includes the steps of: A) at least one of the following steps: A-1) embedding prohibition information in data, wherein copying of the data is to be prohibited; and A-2) embedding the prohibition information and N pieces of permission information in the data (N is a natural number), wherein the copying of the data is to be permitted N times; and B) detecting the prohibition and/or permission information prior to the copying of the data. In the case where the permission information is detected from the data prior to the copying of the data, at least one of the N pieces of permission information in the data is invalidated, and then the copying of the data is permitted. In the case where the permission information is not detected from the data, and the prohibition information is detected from the data prior to the copying of the data, the copying of the data is prohibited.
In one embodiment of the present invention, the permission information is a digital signature f(M); and the digital signature f(M) is derived based on a digital code M which is extracted from the data.
According to another aspect of this invention, a method for embedding data control information includes one of the following steps of: embedding prohibition information in data, wherein copying of the data is to be prohibited; and embedding the prohibition information and N pieces of permission information in the data in the data (N is a natural number), wherein the copying of the data is to be permitted N times.
In one embodiment of the present invention, the permission information is a digital signature f(M) for a digital code M which is uniquely derived from the date.
According to still another aspect of this invention, a method for detecting data control information includes the step of detecting predetermined permission and/or prohibition information prior to copying of data. In the case where the predetermined permission information is detected from the data prior to the copying of the data, the predetermined permission information is invalidated so as to permit the copying of the data. In the case where the predetermined permission information is not detected from the data, and the predetermined prohibition information is detected from the data prior to the copying of the data, the copying of the data is prohibited.
According to still yet another aspect of this invention, a method for detecting data control information includes the step of authenticating a digital signature f(M) in data based on a digital code M which is derived from data. In the case where the digital signature f(M) in the data is authenticated prior to copying of the data, the copying of the data is permitted. In the case where the digital signature f(M) in the data is not authenticated prior to the copying of the data, the copying of the data is prohibited.
According to still yet another aspect of this invention, a device for embedding data control information includes: a section for embedding prohibition information, which embeds prohibition information indicating at least a prohibition against copying of data in the data; and a section for embedding permission information, which embeds N pieces of permission information in the data along with the embedding of the prohibition information by the section for embedding prohibition information in the case where the copying of the data is to be permitted N times, wherein N is a natural number.
In one embodiment of the present invention, the section for embedding permission information has a code extracting section for extracting a digital code M from the data.
In another embodiment of the present invention, the section for embedding permission information includes: a signature section for generating a digital signature f(M) based on the digital code M which is extracted by the code extracting section and a first public key held by a producer of the data; and a signature embedding section for embedding the digital signature f(M) generated by the signature section in the data as the permission information.
According to still yet another aspect of this invention, a device for detecting data control information which extracts prohibition information and permission information embedded in data includes: a permission information detecting section for detecting the permission information from the date; a permission information invalidating section for invalidating the permission information in the data; a prohibition information detecting section for detecting the prohibition information from the data, and a determining section which sets a copy permission/prohibition flag to be in a copy permissive state and then outputs the flag in the case where the permission information is detected by the permissive information detecting section, and sets the copy permission/prohibition flag to be in a copy prohibited state and the n outputs the flag in the case where the permission information is not detected by the permission information detecting section, and the prohibition information is detected by the prohibition information detecting section.
In one embodiment of the present invention, the permission information detecting section has a code extracting section for extracting a digital code M from the data.
In another embodiment of the present invention, the permission information detecting section includes: a signature extracting section for extracting a digital signature f(M) which is embedded in the data; and an authentication section which generates a digital signature f(M) based on the digital code M extracted by the code extracting section and a second public key, compares the generated digital signature f(M) with the digital signature f(M) extracted by the signature extracting section, and validates a copy permission flag and outputs the flag if the digital signature f(M) is authenticated.
According to still yet another aspect of this invention, a device for recording data on a recording medium includes: a permission information detecting section for detecting the permission information from the data; a permission information invalidating section for invalidating the permission information in the data; a prohibition information detecting section for detecting the prohibition information from the data; and a determining section which sets a copy permission/prohibition flag to be in a copy permissive state and then outputs the flag in the case where the permission information is detected by the permission information detecting section, and sets the copy permission/prohibition flag to be in a copy prohibited state and then outputs the flag in the case where the permission information is not detected by the permission information detecting section, and the prohibition information is detected by the prohibition information detecting section; and a data recording section which records the data in the case where the copy permission/prohibition flag is set to be in the copy permissive state by the determining section, and does not record the data in the case where the copy permission/prohibition flag is set to be in the copy prohibited state by the determining section.
In one embodiment of the present invention, the permission information detecting section has a code extracting section for extracting a digital code M from the data.
According to still yet another aspect of this invention, a date control method includes the steps of: A) at least one of the following steps: A-1) embedding prohibition information in data, wherein processing of the data is to be prohibited; and A-2) embedding the prohibition information and N pieces of permission information in the data (N is a natural number), wherein the processing of the data is to be permitted N times; and B) detecting the permission and/or prohibition information prior to the processing of the data. In the case where the permission information is detected from the data prior to the processing of the data, at least one of the N pieces of permission information in the data is invalidated, and then the processing of the data is permitted. In the case where the permission information is not detected from the data, and the prohibition information is detected prior to the processing of the data, the processing of the data is prohibited.
According to still yet another aspect of this invention, a method for embedding data control information includes one of the following steps of: embedding prohibition information in data, wherein processing of the data is to be prohibited; and embedding the prohibition information and N pieces of permission information in the data (N is a natural number), wherein the processing of the data is to be permitted N times.
According to still yet another aspect of this invention, a method for detecting data control information includes the following step of: detecting predetermined permission and/or prohibition information prior to processing of data. In the case where the predetermined permission information is detected from the data prior to the processing of the data, the predetermined permission information is invalidated so as to permit the processing of the data. In the case where the predetermined permission information is not detected from the data, and the predetermined prohibition information is detected from the data prior to the processing of the data, the processing of the data is prohibited.
According to still yet another aspect of this invention, a device for embedding data control information includes a section for embedding prohibition information, which embeds prohibition information indicating prohibition against processing of data in the data; and a section for embedding permission information, which embeds N pieces of permission information in the data along with the embedding of the prohibition information by the section for embedding prohibition information in the case where the processing of the data is to be permitted N times, wherein N is a natural number.
According to still yet another aspect of this invention, a device for detecting data control information which extracts prohibition information and permission information embedded in data includes: a permission information detecting and deleting section which, in the case where N pieces of permission information (N is a natural number) are detected from the data, invalidates at least one of the N pieces of permission information in the data, validates a permission flag, and outputs the flag; a prohibition information detecting section which validates a prohibition flag and outputs the flag in the case where the prohibition information is detected from the data; and a determining section which sets a permission/prohibition flag to be in a permissive state and then outputs the flag when the permission flag is valid or the prohibition flag is not valid, and sets the permission/prohibition flag to be in a prohibited state and then outputs the flag when the permission flag is invalid and the prohibition information is valid.
Thus, the invention described herein makes possible the advantages of providing a method for embedding data control information which can control not only the permission or prohibition to copy, but also control the number of copies, and which makes it more difficult to conduct tampering, and a device for realizing the same; a method for detecting the data control information, and a device for realizing such a method; a method for embedding data control information which limits manipulation of data or data processing of displayed contents or the like, and a device for realizing such a method; and a method for detecting the data control information, and a device for realizing such a method.